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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )K Responsive to communication(s) filed on 27 October 2000 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-15 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-15 is/are rejected. 

7) D Claim(s) ... ^ is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 27 October 2000 is/are: a)D accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .1 21 (d). 
1 1 )D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 0 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.0 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) O Notice of References Cited (PTO-892) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) O Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) O Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 3 



Application/C<3mfol Number: 09/698,764 W Page 2 

Art Unit: 2134 

DETAILED ACTION 

1 . This action is responsive to communication: original application filed 
27 October 2000 with a continuing priority date of 06 September 2000. 

2. Claims 1-15 are currently pending in this application. Claim 1 is an 
independent claim. 

Drawings 

3. This application, filed under former 37 CFR 1 .60, lacks formal drawings. 
The informal drawings filed in this application are acceptable for examination 
purposes. When the application is allowed, applicant will be required to submit 
new formal drawings. In unusual circumstances, the formal drawings from the 
abandoned parent application may be transferred by the grant of a petition under 
37 CFR 1.182. 

Claim Rejections - 35 USC §112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

5. Claims 1-15 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

As to independent claim 1, the phrase "authenticating transferred data 
between a sender and receiver" is vague and indefinite. This claim and the 
following dependent claims do not indicate details of the invention. The claims 
are written too broadly to accurately determine limitations of the invention. 
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Examiner's Note 

6. On page 8 of the specification, the applicant indicates "a server 14 which 
are connected via a global network 16, such as the Internet" none of the claims 
identify "a server". Also on page 8, the applicant indicates "the client computer 
22 includes an Internet browser program 26", none of the claims identify the 
"browser", "gateway", or "web page". 



Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

8. Claims 1-4, and 6-15 as best understood are rejected under 35 
U.S.C. 103(a) as being unpatentable over Krishnamurthy et al. U.S. Patent No. 
6,389,464 (hereinafter '464) in further view of Nickles U.S. Patent No. 6,134,591 
(hereinafter '591). 

As to independent claim 1, "A method for authenticating transferred 
data between a sender and a receiver over an open network comprising the 
steps of- establishing a first secure transmission of data between the 
sender and the receiver" is taught in '464 col. 10, lines 48-65 "The home page 
100 for the site server 12 is shown ... managed devices and ports ... The page 
preferably requires a system administration password 116"; 
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"establishing at least one additional transmission of data between 
the sender and the receiver" is shown in '464 col. 16, lines 51-54 "for a Get 
operation, the SNMP agent executes the call-back function"; 

"adaptively determining the number of additional transmissions" is 

disclosed in '464 col. 12, lines 30-31 "Reply length 166 is the total length of 
expected data in bytes"; 

"transmitting the data during at least one of the additional 
transmissions; and" is taught in '464 col. 16, lines 43-47 "With continued 
reference to FIG. 30, the input/output conversion tables 218 with the 
instrumentation drivers and the port configuration table 220 are used by the 
SNMP engine 84 to read the response from the device 14 and to write the 
requested value as the value of the instance of the MIB parameter"; 



the following is not taught in '464 "authenticating each transmission in which 
data is transmitted" however '591 teaches "Message 2 contains information 
that authorizes the object manager 104 of the application server 20 to perform 
specific tasks and provides the encryption keys and port addresses to be used 
for the transmission of data between the object and the gateway components of 
the web server 32" in col. 1 1 , lines 1-5. 

It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify the device management system taught in '464 to include 
a means to provide additional network security. One of ordinary skill in the art 
would have been motivated to perform such a modification because with the 
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increases in technology an authentication method is needed to insure the identity 
of receiver and senders of communication see '591 (col. 2, lines 61 et seq.) 
"Thus, there is a need for a security system that enables a private network of 
computers to be accessible via an open network and that provides a higher level 
of security than that afforded by firewalls". 

As to dependent claims 2 and 3, "wherein the number of additional 
transmissions is adaptively selected, at least in part, based upon the 
performance overhead of the system" and "wherein the number of 
additional transmissions is adaptively selected, at least in part, based upon 
monitored conditions" are taught in '464 col. 17, lines 21-34 "The site server 
12 of the present invention minimizes redundant commands to and responses 
from the device 14 by grouping related parameters to share a common 
response". 

As to dependent claim 4, "wherein the number of additional 
transmissions is adaptively selected, at least in part, based upon a set of 
criteria that are used in an algorithm to determine the number of additional 
transmissions" is shown in '464 col. 8, lines 44-47 "Dynamic loading allows the 
Web server 64 to start with a minimal amount of fuctionality"; 

"the criteria selected from the group consisting of the frequency of 
transmissions between the sender and receiver" is disclosed in '464 col. 12, 
lines 24-34 "The time out value 164 indicates how long to wait for the response 
from the managed device"; 
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"the closeness of the sender to the source of the transactions, and" 

is taught in '464 col. 5, lines 56-59 "The site server 12a can monitor activity of the 
SNMP-manageable devices and provide alternate paths"; 

"the usage patterns of the client" is shown in '464 col. 13, lines 19-23 
"some port types can be configured to match incoming patterns against known 
patterns to determine whether the incoming string". 



As to dependent claim 6, "further comprising the step of transmitting 
at least one token to the receiver during the first secure transmission; 
wherein the data transmitting step further comprises transmitting at least 
one token along with the data; and wherein the authentication step 
comprises comparing, the at least one token transmitted during the 
additional transmission to the at least one token transmitted during the 
first secure transmission to determine whether the transmission is 
authentic" is taught in '591 col. 7, lines 3-16 "In the preferred operating 
environment, the computer system 16 first access a web server 32 when the 
computer system 16 desires to communicate ... to the security server 24 
indicating ... then determines whether the computer 16 is authorized to access 
any of the application servers". 

As to dependent claims 7 and 8, "wherein the at least one token 
comprises a preselected number of tokens" and "herein the number of at 
least one transmissions corresponds to the preselected number of tokens" 
is shown in '591 col. 7, lines 20-23 "Each device or workstation connected to a 
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network is assigned a unique code. A standard network address is a 32-bit 
address field which is broken". 

As to dependent claim 9, "wherein the number of at least one 
transmissions is greater than the preselected number of tokens" is 
disclosed in '591 col. 12, lines 5-7 "In the system of the present invention, data 
sent by the object is blocked to reduce traffic". 

As to dependent claim 10, "wherein the number of at least one 
transmissions is less than the preselected number of tokens" is taught in 
'591 col. 1 1 , lines 17-20 "If the time-out value for the transaction is exceeded, the 
object execution for this transaction is aborted". 

As to dependent claims 11 and 13 "wherein the at least one 
additional transmission is conducted over an unsecure or open 
connection" and "wherein the at least one additional transmission is sent 
in plaintext" is shown in '464 col. 13, lines 33-40 "whether a Trap message is to 
be sent to the SNMP manager 20 (as indicated on page 1956 in FIG. 22), or a 
facsimile or e-mail message". 

As to dependent claim 12, "wherein the first secure transmission is 
encrypted" is taught in '591 col. 10, lines 21-23 "The message 1 is encrypted". 

As to dependent claim 14, "further comprising the steps of 
transmitting a checksum value during the first transmission and having the 
receiver verify that the checksum value is accurate by comparing the 
transmitted value to a checksum value generated using a similar checksum 
algorithm" is shown in '591 col. 10, lines 24-38 "Digital signatures, or 
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cryptographic checksums, are hashing techniques commonly known ... A digital 
signature is calculated as known by those skilled in the art and compared to the 
digital signature in the decrypted message 1". 

As to dependent claim 15, "wherein the transmitted checksum value 
is based upon checksum values transmitted during previous 
transmissions" is disclosed in '591, col. 10, lines 40-42 The security server 24 
accesses four transaction tables to determine whether the user of computer 
system 16 is authorized to access the object". 

9. Claim 5 as best understood is rejected under 35 U.S.C. 103(a) as being 
unpatentable over '464 in further view of '591 in further view of ENGEL et al. US 
Pub. No. 2003/0005144 A1, filed 28 October 1998 (hereinafter '144). 

As to dependent claim 5, the following is not taught in the combination of 
teachings of '464 and '591 "wherein the algorithm is a statistical averaging 
algorithm" however '199 teaches "The leaky bucket scheme uses 2 leaky 
buckets; one to monitor the peak rate and one to monitor the average rate" on 
page 5 paragraph 0059. 

It would have been obvious to one of ordinary skill in the art at the time of 
the invention to modify the device management system taught over a secure 
network taught in the combination of teachings of '464 and '591 to include a 
means adapt the number of transmission to a known average. One of ordinary 
skill in the art would have been motivated to perform such a modification 
because statistical information gained is practical in determining communication 
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and limitations between devices see '199 (page 3, paragraph 0025 et seq.) "An 
object of this invention is a system and method to reduce the delay, the delay 
variation ... by rate shaping all other transmission that are destined to one of the 
two points". 



10. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Ellen C Tran whose telephone number is 
(703) 305-8917. The examiner can normally be reached on 6:30 am to 3:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (703) 308-4789. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 306- 
5484. 



Ellen Tran 
Patent Examiner 
Technology Center 2134 
19 March 2004 
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